{"report_id":"539242ab-d4e8-4c92-a50c-5ec5efa5f6de","version":6,"status":"done","tags":[],"date":"2026-05-07T12:16:54Z","url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"172.67.169.137","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"title":"Loading…","dom":{"size":29618,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (26536)","md5":"d207096b798a45d8e575e9bf9eb79a64","sha1":"9fd07fdc0b89e3912f4dcc8cce28720fecb1ce95","sha256":"84e022ae57a237452a489a82a0893d743046e1b67dd7fc3beb367f8894649a8d","sha512":"6dda1c7b2b94fa9a08841674bfbaf7c9f92f19e53cdb21892c9421b4278b0efbbb73dd6d582b5bf7c330f281f7ed4f845a18cf60c0161f9fe9ca530d7d87c74c","ssdeep":"384:Q+yumdaJkOsHa3F7B/hujAeFBDQ58oZA7qbhXvO2Ei6g0nIhz9f/6XYXUOKRe1hE:Q+yuLF7d30Y8orbh22HOA9H6XA3DT4tj","tlshash":"7fd2c82ef514c92add577e5831bf7d3a248dd16a438184f4b6dcca1903928f9a7e38c2","dom_hash":"domhashfda307121f3620685a4114acc43ef113","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"172.67.169.137","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-11T12:16:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"tw-payment.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":15,"request_count":15,"received_data":521539,"sent_data":7004,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"192.178.25.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-05-03T22:25:11.554838Z","alert_count":0,"request_count":1,"received_data":230802,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tw-payment.com/_next/static/chunks/main-app-b429527a3db333a9.js","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5a90a3144132d29c59643f71872c72b9","sha1":"07ba273ab9c1c217b4295a9013e82dc48b40d02b","sha256":"35e6a0b45ad3a62114cc0c3d116e7691c4e63823f1a9b4f2ff743da63c90bbda","sha512":"76ea7d35030177a73192ba3417836ce4695970321d51d2f62760aedd2070c4e37d6d1aab65a89efb024dfecdba5b34bd395ff59d9e4bfe5264c244bfa225e107","ssdeep":"","tlshash":"f3f0d09b4f1cf92f5c26ae64fe97bce2285f4179202b4e606905de713c63b6dd2b0408","size":569,"data":"","first_seen":"2026-04-28T13:26:00.1983Z","last_seen":"2026-05-07T12:18:31.47939Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-05-11T15:59:23.009955Z","times_seen":120531,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d3e173f60d759a8a210063e1f1ba0418","sha1":"ad65318cb395465f13fe5e11c81444a3c22a8fd1","sha256":"dc6dc1ea8184752ea250c885b12c4a3b0809043efb00ec784396e59ec7b6e37d","sha512":"7d2cf1dfdbfca6b1b2e77cd29cd3f1f1b8183612ad1f8f2c88c182a5ca51d1aed132bdabb4a27eff15f321c28e6ab3329443cd825ea18d771db55838e4d09045","ssdeep":"","tlshash":"9311cc44f246e8d39c33df2b95278d7084d4fe7e8274998436cfca260262da96284416","size":873,"data":"","first_seen":"2026-05-07T12:16:59.576491Z","last_seen":"2026-05-07T12:18:31.494151Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"24e47a5cbc526a21f417a2b9aab4adf4","sha1":"ef2a13e84d9afc7e772fd02f500d7c0ba9b987dd","sha256":"203e84109cc30c608aef12d282631d143e2c6cc39bbe098ba6bc1af33616d613","sha512":"49dc30da83c576a2e19853f8b238340688b6b32ebcd74aa07cacd5c6d886701acb60e4502104014089e65e52a2b9af2fce4ff819566e01c56357b29ead772552","ssdeep":"96:L9g85Fke9F6SxjfWTi5EwrC9NEiNENNEiVyJIrqtDWlJ:jke9F62jOEsE7E5IFJ","tlshash":"49a157396016dd6efc6a7d48247e5c3e298da26b4b94cfb4e2ecce144746439b7d28c0","size":4639,"data":"","first_seen":"2026-05-07T12:16:59.578339Z","last_seen":"2026-05-07T12:16:59.578339Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"79acce4a198bdceb56455e3a224412ee","sha1":"d1cedcb886abd91bd66f05e17f4571955fecd5e2","sha256":"0fad4b83ab21fce431b3534625c8dd983bb6ed20a5d64ca76ca2d9206de854cd","sha512":"001d1367097f46082ec733956ea29ebbdec56b47b7d369e598261ae4752fb28b5b4a3ff1f1f8d82435abe0da75a4c0bf5b40670ad35c7b3e9e0fd342f1e69ead","ssdeep":"384:JZA7qbhXvO2Ei6g0nIhz9f/6XYXUOKRe1hzga0Wyqa:Jrbh22HOA9H6XA3Da","tlshash":"f172941ef304d225da872fa976ff6d77205981a5038240f87adcc61903669fca6f75c2","size":16653,"data":"","first_seen":"2026-05-04T09:45:54.623936Z","last_seen":"2026-05-08T16:18:51.913211Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"949a3c8737acd3b1d08cd42fe1e71e91","sha1":"f1aa3cc46ab2fd7d3a66befd5b3ceba8d84c6287","sha256":"7a7956fb1778cf1c2be9a52d3353ee515510f7555c5f3ec12ea91e662565ea12","sha512":"d4c80b77472ad9e8d8f403a24352a4257043c295edd49c38620a37ee704e12da2ae90bbb9035618fa720e538e09aafa5b1652baf56f256f74ae4b131605f1c85","ssdeep":"","tlshash":"5a9002b880448c26683364131c342c03119c844a04441e6493d4dd44275553a7605d8a","size":55,"data":"","first_seen":"2026-03-22T20:48:27.570469Z","last_seen":"2026-05-08T16:18:51.914622Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/chunks/4bd1b696-409494caf8c83275.js","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc071e9c777357d51dff977fb1a134fc","sha1":"9fa232d68efce3b2b2c3352511e475ddc64e4bb4","sha256":"d7fd4b1b9d7f818cc97ddd7b672944e523f23d36a2963d5769caf809141fb9e6","sha512":"69cc9135f9e2a7eef21803fc95efd56348b6de5fafad94fdc2c83d8f6d5e5af8aede3facbdb712a4e26aedc9d87d78c59f01464923f17f5c4ff64480df365611","ssdeep":"1536:XWET9Lwegcl2MywYleojBFOQLfioEV7hNc7lFlgXGhJx4bzZc5zg5tgW/zAe6c0:19LwzMyh1vLEE7RgXOQ5SIA1","tlshash":"4ef3f8ec3999e611aeb342a700df28037378261b240d4d60a614fd9ea57845bb17bfde","size":173024,"data":"","first_seen":"2025-09-05T19:18:55.705611Z","last_seen":"2026-05-11T08:03:11.833575Z","times_seen":597,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/chunks/webpack-915a4beb39c6de68.js","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e00ad5eed75162b54948c926313431ac","sha1":"d76f4b5a281c84c4b563f55d01f89e579e509ec5","sha256":"974affbf3dd42324a85038f83bdc2e745a7a4d2c2332e941ea2180910a592bbb","sha512":"444a53aaf6842927a4413ec5a95aa44de2f38a70e05a838efd75560cf95a915e434a54692fd10aedefc56854c42bd7203ecafe19805bff091c1e9e4168480c22","ssdeep":"","tlshash":"6e71d6a53621f9b166f044c65c7ed582f229313b112fecf0a707d8b9a424ad10562ff3","size":3730,"data":"","first_seen":"2026-05-04T09:45:54.620674Z","last_seen":"2026-05-08T16:18:51.896887Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/chunks/app/layout-168ec91fc7968b47.js","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"237f4b6925c0ca05b999418fc78c76b2","sha1":"dcb56fdab1d7cea727749c9d340d160a71ba858f","sha256":"c854292fbca03ba7a3d41a1f1cda06273c36ad08fad030a4b9d11b51cb22b37d","sha512":"fddefeed8cf109c6a5c0f0d383df81c09aa1d6775b9a07f2d49dc329dff8218d2b8986349863d4a83c97b5f17c4fb8e94c619697e93e6f55f32b172eeb9b4f0e","ssdeep":"192:C39zcafxrVz5jc3Ab/4r7m74JjmcvWmVIKqp6:C3FxrsyC6m1","tlshash":"89d1fab23782fc3546958881e433c6c2b9111935241f74d0a7baccfd35b9ec494e1f99","size":6721,"data":"","first_seen":"2026-04-28T13:26:00.216231Z","last_seen":"2026-05-07T12:18:31.483321Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5d72c7497442bfaf053879d7bb041104","sha1":"f339f3f4f5855610fccabbb3c31377d800cb59f6","sha256":"e2569e2d04f877aa246701a1f7d8243421c413350a0e536ee173aa93482657ea","sha512":"cdb25a17d5fa162271c83afffa72a02c99f86d0933ab41c419437402711afbfc870bf3cf82ba8cf18fb7adaa3803cabacf06ac2072b7322dede8b8a390369a0e","ssdeep":"","tlshash":"4231f13d3008d94fedaa7819127e6d3650d9457b07e49a7c9bc8df0148820bd6ba6981","size":1579,"data":"","first_seen":"2025-12-23T19:50:11.702308Z","last_seen":"2026-05-08T16:18:51.91577Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"175bda9a3eed5d27709f7d854d86eebe","sha1":"e1570c59dfad5f9dce5cad5d3233aa58aac3707f","sha256":"0b2a4d5b2f885d008a1737e249ee12c4c87bc31eeac909bdea8fda53108742b9","sha512":"05048e02040fbffb7afda70a430b33a0c052c1e006ddb06190b41e21e68cbf159aae98e052a10d924ca231e3a5026757956bff440547f7731374d1744279baf1","ssdeep":"","tlshash":"1bf08b60ac02cf0eea6b7e69147efd3520dec46a0185c9df86c0ce290a81a793db1dc1","size":598,"data":"","first_seen":"2026-03-22T20:48:27.573021Z","last_seen":"2026-05-08T16:18:51.916811Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/chunks/493-71c8c43e41b12838.js","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c3eb1b4190c3cb3ade425692d4e89325","sha1":"6256c4dc555008a9fb95187d391392a44a5196d4","sha256":"2a29dd4dc77a0838b54f9ad9d3360d234b917ac9bbe586b0968028791c8d431d","sha512":"a1e5471e51c73c0fca0d33861a43f55ce55e7055d593b497c5d01451f04c94e91ceb42378c8d88cc8ad51a7a2a05f03968d32aec8c3356fead73673eec8dfe1e","ssdeep":"1536:0zigN+8/BhcO5HYHqLVcXm7yIzPr6Q04ToTlTx1p7eChTtaocZXxreXRNIrky/Sz:u79LmA+uy4r904Aj44RN0z/Sz","tlshash":"d8f3dab636d0f8d107a780e5843b400af3291c3b146f74a0a3e6dcd975645dea1b3faa","size":173010,"data":"","first_seen":"2026-04-26T13:16:34.47902Z","last_seen":"2026-05-08T16:18:51.897842Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"48aee6a15db79ea057d4e341c6ed5d91","sha1":"8e753d144d760caea03cf3f4ae7bfa7cff833f24","sha256":"514be39206a8c450e93957489b3dcbdcc3a8ced46c4dbaccb6191fdda399c535","sha512":"caa4394bf7f3414770c005c191d01fd062bc39a75eabb6480d40c463d888f963e7916405ef7fb9e80df5e03dd2c5ba31b8012b40c1581ba30d8ccca4b043a8ed","ssdeep":"","tlshash":"b2d04c88211b4c7156a72a454f6fb604b056621294919b217d1e63485f21e17d754854","size":224,"data":"","first_seen":"2026-01-10T14:02:29.698224Z","last_seen":"2026-05-10T13:12:15.93126Z","times_seen":490,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=test","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"192.178.25.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cfdd2157943d3717ddbfa31bb2f4cd7d","sha1":"c242d26c7564ce1fedca5ff92d0827da85de9b8e","sha256":"b3c4371fb29f23a8dad2b1d726426a85c6e90340f1004def5fd6019a4f9fa2a3","sha512":"98b88eb3e368b28a8bb744f67eb3b59ea06a445ac3ae17cabb10de10321c38802d1220168b47510485d8678c1ae4ba5507d5ed82f3aac2770b257ed9fd93b3cb","ssdeep":"3072:e1kAHZYoZ0nwcfuJ1wUuyJPjfu/lcewk+o7fW/4faA1YMJQm6/1SWuCHFi:6ZpaMxjZWO/lMJQm6/Juoc","tlshash":"34242acdb3da706693a3b578903f014ba27a7992f84cc894f142d8c42d7466a4277f7d","size":230153,"data":"","first_seen":"2026-05-07T11:12:42.599884Z","last_seen":"2026-05-07T12:20:13.027251Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"tw-payment.com/_next/static/chunks/app/layout-168ec91fc7968b47.js","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/chunks/app/layout-168ec91fc7968b47.js HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tw-payment.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 05 May 2026 05:07:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 07 May 2027 12:16:33 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FO%2FpUhg6Kg2tv3XoJ1r8L3mRiyXBOVJz%2B1gZG%2BVq%2Bw4%2BJaftNNKm34uj3S1fOwai48ccL6k5VsbNCKJUOB29kulsY8Tl8%2BoPO10q8ZB5lI73u3TM%2Bj3QTC9JJtMciYfHGw%3D%3D\"}]}\r\netag: W/\"69f97b07-1a41\"\r\ncontent-encoding: br\r\ncf-ray: 9f80280f7c3b23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6721,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6721), with no line terminators","md5":"237f4b6925c0ca05b999418fc78c76b2","sha1":"dcb56fdab1d7cea727749c9d340d160a71ba858f","sha256":"c854292fbca03ba7a3d41a1f1cda06273c36ad08fad030a4b9d11b51cb22b37d","sha512":"fddefeed8cf109c6a5c0f0d383df81c09aa1d6775b9a07f2d49dc329dff8218d2b8986349863d4a83c97b5f17c4fb8e94c619697e93e6f55f32b172eeb9b4f0e","ssdeep":"192:C39zcafxrVz5jc3Ab/4r7m74JjmcvWmVIKqp6:C3FxrsyC6m1","tlshash":"89d1fab23782fc3546958881e433c6c2b9111935241f74d0a7baccfd35b9ec494e1f99","first_seen":"2026-04-28T13:26:00.216231Z","last_seen":"2026-05-07T12:18:31.483321Z","times_seen":4,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/media/70355d4fbd533ab2-s.p.woff2","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/media/70355d4fbd533ab2-s.p.woff2 HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://tw-payment.com/_next/static/css/385d1cca048e3fce.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 20144\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 05 May 2026 05:07:19 GMT\r\netag: \"69f97b07-4eb0\"\r\nexpires: Fri, 07 May 2027 12:16:33 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A9Y2ybxgHkr7LBP01bgpj%2F%2BP5Chhzetez%2B2WvOp15SNMP8prx5arxQD4UBY50TPPYfOecgwkPADiegiKgpooMLBAC1KEwe4sSBClbc%2Bd39k1g%2FtRt%2B52b7PZP3Z8bxOprg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f802810dfd123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20144,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20144, version 1.0","md5":"9b9969b222383443533022faa1a8dc15","sha1":"960bfc7f598d95e5e1f183f66f0b9570c59be7f5","sha256":"fd4c8e65080adbaf0cc819eb67b08ed9300e9274dd0069b382d286b93b9544a0","sha512":"dca295932532388d01fc0130671252a3bf707bd9a2e5608d69b2ad0ee9134a9349e2c45734ca8bc223ea4090e918420166c6944395852a108ef7d25a360fd2f0","ssdeep":"384:bDDIoOYd5DFolWnW7Hy2ljK3VB87feqOMtmna2213/p:bwYdFFolz7HyMjK/87vOaPvp","tlshash":"4c92e067de6d3916fcd415f04619ec1ea1b12f617c2206fb0cc8c946906da8d6aaed88","first_seen":"2025-11-23T10:03:25.17893Z","last_seen":"2026-05-10T22:07:30.927718Z","times_seen":81,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":164,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/media/07a25e30db343ec8-s.p.woff2","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/media/07a25e30db343ec8-s.p.woff2 HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13792\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 05 May 2026 05:07:19 GMT\r\netag: \"69f97b07-35e0\"\r\nexpires: Fri, 07 May 2027 12:16:33 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KIeG56FV%2B%2BCHw2Q2V33Yd2eUOKmidoha%2BPFSnuBEqB8E%2BFZZxvLr%2FhC98nLUBqTPM36LfOwmWAgvcsKn4wL%2FOQx3o6bTHg%2Bv0z%2BNnklAtFdUgqLGo1tRV5qi022YStbpVA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f802811593d23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13792,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13792, version 1.0","md5":"4ae2d48436b3d6fcab18c9de2f7f8fc3","sha1":"108fe3712707923941996546a4ba325a3f4f96bc","sha256":"c54a0fc890f9cbaf295a1bbcf745351b099182bf87b149cf6eeec856f46750bf","sha512":"9f3dff01a9823f0fdcef0eebc2b6a0d25ce20b534a577a02c411934c6425dd22c1c32861ae3f741ec6e04b7022d15bd0cdda89be07413361d9d9c0eea5a01079","ssdeep":"384:nMSLVRCzUjz7V5hHOhqjzXCmNZMHI9lJG/dS2:MSLVRCAcqvCwvG/dS2","tlshash":"1e52c0bc9e7d6d1b705f13f66e6f7675e582b92700076c4ab0514cbc2144b23b2e846e","first_seen":"2025-11-23T10:03:25.189462Z","last_seen":"2026-05-10T13:12:15.916813Z","times_seen":60,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/icons/logo-two.png","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /icons/logo-two.png HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 4159\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Tue, 10 Mar 2026 11:51:28 GMT\r\netag: W/\"103f-19cd7967600\"\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\nx-content-type-options: nosniff, nosniff\r\nreferrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nstrict-transport-security: max-age=15552000\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lz5PNruPnqfMjWB5sn7WcFEItTavl1QMu%2Fc49o2W8e%2BLNixzoX6ZIVTt48SAvBj0wmvCyU2wrnI8yhAMqiSYUAUeuScHgZ1rxTy7x07J2GDpnPIuMuLVfgICVfvVb8Z1eA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f8028124cad23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4159,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 71 x 81, 8-bit/color RGBA, non-interlaced","md5":"58fd2a12f571cafad976ed5feddeeacc","sha1":"c7c0342c9edb1d20d96f26c0d713b83c4124b144","sha256":"98e40eaf5f022cb4f4e94991a6fbcc95a11f93545c1354237b2f40cca4d9405b","sha512":"399b57f3f371f14c98a8a1600ba028f721739d76511e2c1476aefb46f212cf58dd9e9142eb0f77e160644a9fec03d32405459658345912457fc19304aad69a70","ssdeep":"96:taIF26hHzU/RmovWsHQOJ9SNnGFHUikhpeuaeJNGYXRfCK0uG7SPR:n1zMhWsHQs9StwHLQJdRJ0XWJ","tlshash":"54817db5f830ccc0cc2d6c61d1ad6d8c103613454dc6b879ef96e9b3a2645d3145cbda","first_seen":"2026-04-13T07:55:48.870403Z","last_seen":"2026-05-10T13:12:15.898489Z","times_seen":28,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/chunks/493-71c8c43e41b12838.js","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/chunks/493-71c8c43e41b12838.js HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tw-payment.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 05 May 2026 05:07:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 07 May 2027 12:16:33 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BRq5uS44QpMNE2Y3pGyR5tKlLBaX0MEBmzwbzj1fBNgYktlbjecJvQmbV9iUNG8mcZkQhAz1JMpuuQZDMfhT2PSKIeOgGKuYkyCkKgEFg8Ifs4Fpd935oIlnt7qLjG5m%2FQ%3D%3D\"}]}\r\netag: W/\"69f97b07-2a3d2\"\r\ncontent-encoding: br\r\ncf-ray: 9f80280f7c2823eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173010,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c3eb1b4190c3cb3ade425692d4e89325","sha1":"6256c4dc555008a9fb95187d391392a44a5196d4","sha256":"2a29dd4dc77a0838b54f9ad9d3360d234b917ac9bbe586b0968028791c8d431d","sha512":"a1e5471e51c73c0fca0d33861a43f55ce55e7055d593b497c5d01451f04c94e91ceb42378c8d88cc8ad51a7a2a05f03968d32aec8c3356fead73673eec8dfe1e","ssdeep":"1536:0zigN+8/BhcO5HYHqLVcXm7yIzPr6Q04ToTlTx1p7eChTtaocZXxreXRNIrky/Sz:u79LmA+uy4r904Aj44RN0z/Sz","tlshash":"d8f3dab636d0f8d107a780e5843b400af3291c3b146f74a0a3e6dcd975645dea1b3faa","first_seen":"2026-04-26T13:16:34.47902Z","last_seen":"2026-05-08T16:18:51.897842Z","times_seen":28,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":76,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/chunks/main-app-b429527a3db333a9.js","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/chunks/main-app-b429527a3db333a9.js HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tw-payment.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 05 May 2026 05:07:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 07 May 2027 12:16:33 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c7IT%2F2qrND4HCDYUKjk63V5uqKIFassYVqCvo2cQdxNOXQyZ7WbrUGIOUxOO7M9Vtb6FvepvanDeYHzco77MSjAytNU3Y2xMYTiI%2FaRuXwCS7yEFRy2C6ltVYGYRoBdQqQ%3D%3D\"}]}\r\netag: W/\"69f97b07-239\"\r\ncontent-encoding: br\r\ncf-ray: 9f80280f7c3523eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":569,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (569), with no line terminators","md5":"5a90a3144132d29c59643f71872c72b9","sha1":"07ba273ab9c1c217b4295a9013e82dc48b40d02b","sha256":"35e6a0b45ad3a62114cc0c3d116e7691c4e63823f1a9b4f2ff743da63c90bbda","sha512":"76ea7d35030177a73192ba3417836ce4695970321d51d2f62760aedd2070c4e37d6d1aab65a89efb024dfecdba5b34bd395ff59d9e4bfe5264c244bfa225e107","ssdeep":"","tlshash":"f3f0d09b4f1cf92f5c26ae64fe97bce2285f4179202b4e606905de713c63b6dd2b0408","first_seen":"2026-04-28T13:26:00.1983Z","last_seen":"2026-05-07T12:18:31.47939Z","times_seen":4,"resource_available":true,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/media/70355d4fbd533ab2-s.p.woff2","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/media/70355d4fbd533ab2-s.p.woff2 HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://tw-payment.com/_next/static/css/385d1cca048e3fce.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 20144\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 05 May 2026 05:07:19 GMT\r\netag: \"69f97b07-4eb0\"\r\nexpires: Fri, 07 May 2027 12:16:33 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d2yhJiJp6INMgTK5s%2BfdjUcl9X2gRPX1l1vOmJp6A%2F3Cd%2BvwxXRWJybNSCKpD%2BiUX35YMTYGH%2FeS9EY4WmOi4trnIqGZc1Gn%2FuqWKgAjFKJHdkdJz%2FSRGPsgdxPki575uQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f802810dfed23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20144,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20144, version 1.0","md5":"9b9969b222383443533022faa1a8dc15","sha1":"960bfc7f598d95e5e1f183f66f0b9570c59be7f5","sha256":"fd4c8e65080adbaf0cc819eb67b08ed9300e9274dd0069b382d286b93b9544a0","sha512":"dca295932532388d01fc0130671252a3bf707bd9a2e5608d69b2ad0ee9134a9349e2c45734ca8bc223ea4090e918420166c6944395852a108ef7d25a360fd2f0","ssdeep":"384:bDDIoOYd5DFolWnW7Hy2ljK3VB87feqOMtmna2213/p:bwYdFFolz7HyMjK/87vOaPvp","tlshash":"4c92e067de6d3916fcd415f04619ec1ea1b12f617c2206fb0cc8c946906da8d6aaed88","first_seen":"2025-11-23T10:03:25.17893Z","last_seen":"2026-05-10T22:07:30.927718Z","times_seen":81,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":161,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/css/385d1cca048e3fce.css","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/css/385d1cca048e3fce.css HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tw-payment.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 05 May 2026 05:07:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 07 May 2027 12:16:33 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JRcCY5ECmUfps9e6LYg1jKrY0yQt0YNy%2Bn6xeejp4AEWkGu4lX0T5zjdy%2FHzXnzj130cAFnrkWNI66BD6L1oAi5l89LIjVof%2BkXfSzqQ0zYTNWCJGAtx6SC173G7RbNb3Q%3D%3D\"}]}\r\netag: W/\"69f97b07-2068\"\r\ncontent-encoding: br\r\ncf-ray: 9f80280f7c1d23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8296,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8296), with no line terminators","md5":"a73097b533d338ab4c29630e1a60f215","sha1":"dcdaf3127f95504381b77d704a62ca7a4c91b34f","sha256":"a152a893fbaa11ce3a1cf6e625402d9b852515ebd2f1731e27d152694c9ca588","sha512":"6667bb1ec9ec33000a3aa7851486c58cac2bc2db317d366885e862ea9e972fd59db9ef175dd0455c2a38cd599ac6c3baf367fff07c8739bc97008d16a2c84539","ssdeep":"192:IWxYYgWxmY3WxcYGWx2Y4IWxou+BlYfE6:FBtvQ1b/4Fou+BmfE6","tlshash":"7902be34c42e848ed932fc9231cd3f13283c141595e55e16efad99a98edb827b3e1b58","first_seen":"2026-04-07T15:06:50.299958Z","last_seen":"2026-05-10T13:12:15.887238Z","times_seen":41,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/media/70355d4fbd533ab2-s.p.woff2","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/media/70355d4fbd533ab2-s.p.woff2 HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://tw-payment.com/_next/static/css/385d1cca048e3fce.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 20144\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 05 May 2026 05:07:19 GMT\r\netag: \"69f97b07-4eb0\"\r\nexpires: Fri, 07 May 2027 12:16:33 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IUzp2p7GVAprDwRdnTzkesiGwF1txQV5zNBKs4wPWajRqmvbWI12Mz1pSQ7a%2BE%2FbsnPzOTAGb22lajz3YFtq%2FXHcTUhG0hJMFThUcV4GkNWBfbNZuUA3hQ%2B%2Bhe8uNJasmA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f802810effa23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20144,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20144, version 1.0","md5":"9b9969b222383443533022faa1a8dc15","sha1":"960bfc7f598d95e5e1f183f66f0b9570c59be7f5","sha256":"fd4c8e65080adbaf0cc819eb67b08ed9300e9274dd0069b382d286b93b9544a0","sha512":"dca295932532388d01fc0130671252a3bf707bd9a2e5608d69b2ad0ee9134a9349e2c45734ca8bc223ea4090e918420166c6944395852a108ef7d25a360fd2f0","ssdeep":"384:bDDIoOYd5DFolWnW7Hy2ljK3VB87feqOMtmna2213/p:bwYdFFolz7HyMjK/87vOaPvp","tlshash":"4c92e067de6d3916fcd415f04619ec1ea1b12f617c2206fb0cc8c946906da8d6aaed88","first_seen":"2025-11-23T10:03:25.17893Z","last_seen":"2026-05-10T22:07:30.927718Z","times_seen":81,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-07T12:16:32.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: no-store\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\nx-content-type-options: nosniff, nosniff\r\nreferrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M0uyGbb%2BHxZ75%2Flg8WGG%2F5gzPU2ysOqIRIzo%2BldOXB8nAk5a6YGVH0qkZN0MKvPG4N9Tzf1G5hx7kSbJ5B8LECf9FdpJII4rPMeNLrh%2BzQjaXEgRxmC5LfQ8RcFwAfhz7Q%3D%3D\"}]}\r\nstrict-transport-security: max-age=15552000\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9f80280ceada1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28918,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (26377)","md5":"42702f4da262f1b66c319ff96008212a","sha1":"726efa06c0bb3abbc1c9957e37896c569be50157","sha256":"eddaebb32b46afc143e2e4c78d7c03b9bc86271dabd0f7af7fb78308fbec80d9","sha512":"2be844483580dbdd481d43d712d9b82cd97afb1d27be8670b8aef5baec31b280cbf3dbd91a0eb81171031da049f78f20da67f0746eb9524f94a91e10f2e6b820","ssdeep":"384:fv9ORafiYurWmgK/hujAeFBDQ58oZA7qbhXvO2Ei6g0nIhz9f/6XYXUOKRe1hzg9:fv9OR0U30Y8orbh22HOA9H6XA3DT4t9","tlshash":"c4d2b72ef114c92add577e5831bf6d3a248dd166438184f8b6dcca1903968f9a7f38c2","first_seen":"2026-05-07T12:16:59.566123Z","last_seen":"2026-05-07T12:16:59.566123Z","times_seen":1,"resource_available":true,"data":null}},"time_used":345,"timings":{"blocked":44,"dns":30,"connect":1,"send":0,"wait":254,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=test","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"192.178.25.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:17:21 GMT","end":"Wed, 01 Jul 2026 05:17:20 GMT"},"fingerprint":{"sha1":"44:62:36:EA:04:7F:DE:AF:4E:CA:E9:8F:72:03:CB:45:DF:75:F7:F7","sha256":"B4:8C:53:A3:0D:7C:33:E8:76:50:59:1C:1B:D2:32:8D:60:4E:01:31:A3:F4:72:1A:B4:D1:AB:C2:8A:9A:8C:74"}}},"request":{"raw":"GET /gtag/js?id=test HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tw-payment.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\nexpires: Thu, 07 May 2026 12:16:33 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 07 May 2026 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 84252\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":230153,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4625)","md5":"cfdd2157943d3717ddbfa31bb2f4cd7d","sha1":"c242d26c7564ce1fedca5ff92d0827da85de9b8e","sha256":"b3c4371fb29f23a8dad2b1d726426a85c6e90340f1004def5fd6019a4f9fa2a3","sha512":"98b88eb3e368b28a8bb744f67eb3b59ea06a445ac3ae17cabb10de10321c38802d1220168b47510485d8678c1ae4ba5507d5ed82f3aac2770b257ed9fd93b3cb","ssdeep":"3072:e1kAHZYoZ0nwcfuJ1wUuyJPjfu/lcewk+o7fW/4faA1YMJQm6/1SWuCHFi:6ZpaMxjZWO/lMJQm6/Juoc","tlshash":"34242acdb3da706693a3b578903f014ba27a7992f84cc894f142d8c42d7466a4277f7d","first_seen":"2026-05-07T11:12:42.599884Z","last_seen":"2026-05-07T12:20:13.027251Z","times_seen":10,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":82,"dns":0,"connect":21,"send":0,"wait":33,"receive":42,"ssl":70},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/icons/logo-two.png","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /icons/logo-two.png HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 4159\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Tue, 10 Mar 2026 11:51:28 GMT\r\netag: W/\"103f-19cd7967600\"\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\nx-content-type-options: nosniff, nosniff\r\nreferrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nstrict-transport-security: max-age=15552000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jZMAruo85eMBmVqosD21xsnmCHAOKsn%2FmIjKDh7qYy6hcx13U2LT5KaD1Xf%2Bpc9RPdU4E2wBvUBrgH67NhaRjIGz1KEc5MNz4oWxOMgi3B9U8d56tpYMs3DmpGUHvhcT3g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f8028124cb323eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4159,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 71 x 81, 8-bit/color RGBA, non-interlaced","md5":"58fd2a12f571cafad976ed5feddeeacc","sha1":"c7c0342c9edb1d20d96f26c0d713b83c4124b144","sha256":"98e40eaf5f022cb4f4e94991a6fbcc95a11f93545c1354237b2f40cca4d9405b","sha512":"399b57f3f371f14c98a8a1600ba028f721739d76511e2c1476aefb46f212cf58dd9e9142eb0f77e160644a9fec03d32405459658345912457fc19304aad69a70","ssdeep":"96:taIF26hHzU/RmovWsHQOJ9SNnGFHUikhpeuaeJNGYXRfCK0uG7SPR:n1zMhWsHQs9StwHLQJdRJ0XWJ","tlshash":"54817db5f830ccc0cc2d6c61d1ad6d8c103613454dc6b879ef96e9b3a2645d3145cbda","first_seen":"2026-04-13T07:55:48.870403Z","last_seen":"2026-05-10T13:12:15.898489Z","times_seen":28,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/media/70355d4fbd533ab2-s.p.woff2","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/media/70355d4fbd533ab2-s.p.woff2 HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 20144\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 05 May 2026 05:07:19 GMT\r\netag: \"69f97b07-4eb0\"\r\nexpires: Fri, 07 May 2027 12:16:33 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wMhLaQVu4C9y4KWNA12mv6JSfs1Y6JOyfRAFA9VLKWzudsuyc6DWs16EJiIUCJ1rlpOsq%2FvxwUAiveSmqdbK2nE6HvIglq0OVgt66Txlo2dWGchOGsxDrsaHHcUVxeUr0w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f802811594623eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20144,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20144, version 1.0","md5":"9b9969b222383443533022faa1a8dc15","sha1":"960bfc7f598d95e5e1f183f66f0b9570c59be7f5","sha256":"fd4c8e65080adbaf0cc819eb67b08ed9300e9274dd0069b382d286b93b9544a0","sha512":"dca295932532388d01fc0130671252a3bf707bd9a2e5608d69b2ad0ee9134a9349e2c45734ca8bc223ea4090e918420166c6944395852a108ef7d25a360fd2f0","ssdeep":"384:bDDIoOYd5DFolWnW7Hy2ljK3VB87feqOMtmna2213/p:bwYdFFolz7HyMjK/87vOaPvp","tlshash":"4c92e067de6d3916fcd415f04619ec1ea1b12f617c2206fb0cc8c946906da8d6aaed88","first_seen":"2025-11-23T10:03:25.17893Z","last_seen":"2026-05-10T22:07:30.927718Z","times_seen":81,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/css/30e914f7c532213a.css","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/css/30e914f7c532213a.css HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tw-payment.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 05 May 2026 05:07:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 07 May 2027 12:16:33 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jz5MvoWTCq2gtNprd60Y6xW%2BGIyEhu6BfahSYwildMDKsKQroXkB%2Fnmm%2B3xJz5gnb2mHf8CA2uKQWwGlStIfeXUqFCi98WyJXry9ixtprKxGK4Rtyfxvu%2Frws4S3P2z0Bw%3D%3D\"}]}\r\netag: W/\"69f97b07-29fb\"\r\ncontent-encoding: br\r\ncf-ray: 9f80280f7c2123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10747,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (10747), with no line terminators","md5":"63d7d893cc61f68092a9849b7fa50f9c","sha1":"8dbefe92c7be03cdad36a65ed07c777761850712","sha256":"7b4f8097adfdb78457be0b3e9968e57ecf918ecfd6df6f80442b4b9e1d74757c","sha512":"ea5863f538ae8347880f944c22cf85c967a3f1b0d8538fa2cbdacab3f21fa709816f64c8e511701427d7a282e499ba63dfa437c8bb1e3e8d891d97bc5b081f51","ssdeep":"192:LCohu075xY5GESdtcSc4P3A2wb/eBPVWZmGE1PnZpak1g2wol4+kVJj+vD1PwOzM:1u075KgESdtcSVActUAg2wihJwJ","tlshash":"0b2295399260813df02ada9274c6ad8fb8a4c533f7134398da737cedd6811cb473524a","first_seen":"2026-05-04T09:45:54.619781Z","last_seen":"2026-05-08T16:18:51.886871Z","times_seen":22,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/chunks/webpack-915a4beb39c6de68.js","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/chunks/webpack-915a4beb39c6de68.js HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tw-payment.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Mon, 04 May 2026 05:03:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 04 May 2027 20:47:21 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\nage: 228551\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h2uGCAwvANuHvVEQ7bjXAL5JDSb%2FvfEECoBj8lLopW7C%2B3l%2FPspmIujR32QYL8RCPCOLkV%2Bjncvgt0sIHJzut2wIeo%2Forsal4kG6xIkKtF3ZpDhIaMH%2FSMswrvF0CEY85A%3D%3D\"}]}\r\netag: W/\"69f82894-e92\"\r\ncontent-encoding: br\r\ncf-ray: 9f80280f7c2423eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3730,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3730), with no line terminators","md5":"e00ad5eed75162b54948c926313431ac","sha1":"d76f4b5a281c84c4b563f55d01f89e579e509ec5","sha256":"974affbf3dd42324a85038f83bdc2e745a7a4d2c2332e941ea2180910a592bbb","sha512":"444a53aaf6842927a4413ec5a95aa44de2f38a70e05a838efd75560cf95a915e434a54692fd10aedefc56854c42bd7203ecafe19805bff091c1e9e4168480c22","ssdeep":"","tlshash":"6e71d6a53621f9b166f044c65c7ed582f229313b112fecf0a707d8b9a424ad10562ff3","first_seen":"2026-05-04T09:45:54.620674Z","last_seen":"2026-05-08T16:18:51.896887Z","times_seen":18,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tw-payment.com/_next/static/chunks/4bd1b696-409494caf8c83275.js","fqdn":"tw-payment.com","domain":"tw-payment.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tw-payment.com/","date":"2026-05-07T12:16:33.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tw-payment.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:11:53 GMT","end":"Fri, 31 Jul 2026 21:11:52 GMT"},"fingerprint":{"sha1":"AE:CB:2A:B4:5E:46:D2:51:5F:13:46:55:EF:1E:37:D4:61:C4:38:08","sha256":"98:BB:07:2F:BC:3C:65:3F:6A:4B:73:EA:D2:B8:B7:04:62:30:CB:FB:4B:9E:E8:1C:E2:03:4C:63:D9:5D:20:87"}}},"request":{"raw":"GET /_next/static/chunks/4bd1b696-409494caf8c83275.js HTTP/1.1\r\nHost: tw-payment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tw-payment.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 07 May 2026 12:16:33 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 05 May 2026 05:07:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 07 May 2027 12:16:33 GMT\r\ncache-control: public, max-age=31536000, immutable\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0iLF%2BMSlPocXpY5VQ%2FAkpbJkKuRzvL7aRRiGrJWreKem5f1obdwqqvxGuI7DW9Z0tG0HGAEv4RWFl06HeGLehw%2B9ygt3%2BSRobjiKgGE9C9%2F52ZR3HLV%2FV17KMt7qm0j4Kw%3D%3D\"}]}\r\netag: W/\"69f97b07-2a3e0\"\r\ncontent-encoding: br\r\ncf-ray: 9f80280f7c2523eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173024,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bc071e9c777357d51dff977fb1a134fc","sha1":"9fa232d68efce3b2b2c3352511e475ddc64e4bb4","sha256":"d7fd4b1b9d7f818cc97ddd7b672944e523f23d36a2963d5769caf809141fb9e6","sha512":"69cc9135f9e2a7eef21803fc95efd56348b6de5fafad94fdc2c83d8f6d5e5af8aede3facbdb712a4e26aedc9d87d78c59f01464923f17f5c4ff64480df365611","ssdeep":"1536:XWET9Lwegcl2MywYleojBFOQLfioEV7hNc7lFlgXGhJx4bzZc5zg5tgW/zAe6c0:19LwzMyh1vLEE7RgXOQ5SIA1","tlshash":"4ef3f8ec3999e611aeb342a700df28037378261b240d4d60a614fd9ea57845bb17bfde","first_seen":"2025-09-05T19:18:55.705611Z","last_seen":"2026-05-11T08:03:11.833575Z","times_seen":597,"resource_available":true,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"tw-payment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}